﻿Imports System.Data
Imports System.Data.SqlClient
Imports System.Security.Cryptography

Partial Class Login
    Inherits System.Web.UI.Page

    Function Hash(ByVal thePassword As String) As Byte()
        Dim md5Hasher As New MD5CryptoServiceProvider
        Dim encoder As New UTF8Encoding
        Return md5Hasher.ComputeHash(encoder.GetBytes(thePassword))
    End Function

    Protected Sub Login1_Authenticate(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.AuthenticateEventArgs) Handles Login1.Authenticate
        Dim conn As New SqlConnection(ConfigurationManager.ConnectionStrings("_112CW_DBConnectionString").ConnectionString)

        Dim cmd As New SqlCommand("SELECT COUNT(*) FROM SYS_Users WHERE Username = @Username AND Password = @Password", conn)
        cmd.CommandType = CommandType.Text
        cmd.Parameters.Add("@Username", SqlDbType.VarChar).Value = Login1.UserName.ToLower
        cmd.Parameters.Add("@Password", SqlDbType.Binary).Value = Hash(Login1.Password)

        'Response.Write(Login1.Password)
        Dim pass() As Byte = Hash(Login1.Password)
        Response.Write("<!--")
        For Each p In pass
            Response.Write(p.ToString("x2"))
        Next
        Response.Write("-->")

        conn.Open()
        Dim theUserID As Integer = CInt(cmd.ExecuteScalar)
        conn.Close()

        If theUserID > 0 Then
            e.Authenticated = True
        Else
            e.Authenticated = False
        End If
    End Sub

    Protected Sub Login_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        CType(Me.Master, MasterPage).MenuVisible = False
    End Sub
End Class
